You are here

12.2 upgrade - it can break all your outgoing https calls

Do you know about multiple domain certificates? If not you may have to learn quickly, because Oracle has changed the way they are handled in release 12.2. This is going to break a lot of applications.

A multiple domain certificate (aka "Unified Communications Certificate", a UCC) is an SSL certificate that secures multiple domain and host names. There are a lot of them about. Even www.oracle.con is secured by one. In release 12.1 and earlier, there was no problem. You would download the website's root certificate, load it into a wallet, and then you could use UTL_HTTP.REQUEST or UTL_SMTP.STARTTLS or APEX_WEB_SERVICE.MAKE_REQUEST to make the call. It would work if you were going to any of the domains that the certificate secures.

orclx> select utl_http.request(url=>'https://www.ebay.co.uk',wallet_path=>'file:\tmp\wallet') from dual;
select utl_http.request(url=>'https://www.ebay.co.uk',wallet_path=>'file:\tmp\wallet') from dual
*
ERROR at line 1:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1501
ORA-24263: Certificate of the remote server does not match the target address.
ORA-06512: at "SYS.UTL_HTTP", line 380
ORA-06512: at "SYS.UTL_HTTP", line 1441
ORA-06512: at line 1

There is a solution - specify a new parameter introduced in 12.2, like this: